The RBA’s latest financial stability review identified cyber attacks as one of the main non-financial risks to the Australian economy, citing the widespread use of outdated IT systems at Australian banks as one of the vulnerabilities hackers could exploit.

The RBA also noted that many Australian banks were using the same third-party IT systems, creating a systemic vulnerability that could be used to launch an attack against multiple institutions.

Cyber ​​attacks can affect both institutions and customers. Customers’ identities and finances can be stolen, while institutions can suffer reputational damage.

"A successful attack on an institution could even lead to a lack of confidence in the banking system more broadly, with potential withdrawals of funds from financial institutions and problems with the liquidity of the financial system," RBA Assistant Governor Michelle Bullock told the conference at the 2018 CBA Global Markets Conference.

The lack of accurate data on cyberattacks makes it more difficult to determine where hackers might attack. Few institutions are willing to disclose this information because of the associated reputational risks.

Both Bank of Queensland and AMP have recently suffered data breaches involving third party suppliers and contractors. In both cases, customers' personal details, including driver's licenses and addresses, were stolen.

Money making opportunity?

But cybercriminals aren't the only ones who stand to gain. In today's world, where everything from transportation systems to homes is networked, cybersecurity is a huge growth industry.

The global cybersecurity market is currently worth around $197.1 billion and is likely to grow to $349.1 billion by 2026.

"Cybersecurity is part of the 'new world' economy and will continue to be critically important as more of our lives, and therefore our personal data, move online," BetaShares CEO Alex Winokur told Investor Daily in March.

"Demand drivers for the cybersecurity industry remain strong, and we believe investors will continue to recognize the opportunity to be part of this story and seek investment opportunities that provide access to this sector."

One area of ​​growth for the cybersecurity industry is the Indo-Pacific region, where the rapid development of online financial infrastructure has led to a demand for means to protect it.

The Indo-Pacific region will account for a quarter of global cyber security spending by 2026, providing multiple opportunities for Australian investors to expand their cyber security portfolios.

High tech, low life

The ever-evolving nature of cybercrime and the lack of awareness of how it is carried out means that few institutions are prepared for a potential attack.

"The business is half a step behind," Bailador CEO David Kirk told Investor Daily.

"You're constantly trying to keep up with the times, but cybercriminals move a little bit faster."

Large-scale cyberthefts can use a number of strategies, including social engineering and phishing, as well as "insiders" to install malware such as keyloggers that can be used to harvest passwords and other personal information from financial institutions.

Even the most sophisticated organizations can fall victim to cyberattacks. Low-tech penetrations can be particularly effective; an Iranian nuclear plant was crippled when an employee inserted a USB infected with a US military virus into one of the plant's computers.

"We can never let up on being as vigilant as possible," Mr Kirk said.

"Cybercriminals are working fast and investing a lot of money and a lot of time to defeat cybersecurity."